functions for signing stuff

Cargo.lock

@@ -1288,6 +1288,7 @@ name = "reminder_rs"
 version = "1.5.1"
 dependencies = [
  "Inflector",
+ "base64 0.13.0",
  "chrono",
  "chrono-tz",
  "dashmap",
@@ -1302,6 +1303,7 @@ dependencies = [
  "regex",
  "regex_command_attr",
  "reqwest",
+ "ring",
  "serde",
  "serde_json",
  "serenity",

Cargo.toml

@@ -25,6 +25,8 @@ levenshtein = "1.0"
 # serenity = { version = "0.10", features = ["collector"] }
 serenity = { path = "/home/jude/serenity", features = ["collector", "unstable_discord_api"] }
 sqlx = { version = "0.5", features = ["runtime-tokio-rustls", "macros", "mysql", "bigdecimal", "chrono"]}
+ring = "0.16"
+base64 = "0.13.0"
 
 [dependencies.regex_command_attr]
 path = "./regex_command_attr"

src/commands/reminder_cmds.rs

@@ -7,8 +7,8 @@ use serenity::{
     client::Context,
     http::CacheHttp,
     model::{
-        channel::GuildChannel,
         channel::Message,
+        channel::{Channel, GuildChannel},
         guild::Guild,
         id::{ChannelId, GuildId, UserId},
         misc::Mentionable,
@@ -26,7 +26,7 @@ use crate::{
     },
     framework::SendIterator,
     get_ctx_data,
-    models::{ChannelData, GuildData, Timer, UserData},
+    models::{ChannelData, CtxGuildData, GuildData, MeridianType, Timer, UserData},
     time_parser::{natural_parser, TimeParser},
 };
 
@@ -42,14 +42,14 @@ use std::{
     collections::HashSet,
     convert::TryInto,
     default::Default,
+    env,
     fmt::Display,
     string::ToString,
     time::{SystemTime, UNIX_EPOCH},
 };
 
-use crate::models::{CtxGuildData, MeridianType};
 use regex::Captures;
-use serenity::model::channel::Channel;
+use ring::hmac;
 
 fn shorthand_displacement(seconds: u64) -> String {
     let (days, seconds) = seconds.div_rem(&DAY);
@@ -80,6 +80,41 @@ fn longhand_displacement(seconds: u64) -> String {
     sections.join(", ")
 }
 
+fn generate_signed_payload(reminder_id: u32, member_id: u64) -> String {
+    let s_key = hmac::Key::new(
+        hmac::HMAC_SHA256,
+        env::var("SECRET_KEY")
+            .expect("No SECRET_KEY provided")
+            .as_bytes(),
+    );
+
+    let mut context = hmac::Context::with_key(&s_key);
+
+    context.update(&reminder_id.to_le_bytes());
+    context.update(&member_id.to_le_bytes());
+
+    let signature = context.sign();
+
+    format!(
+        "{}.{}",
+        base64::encode(reminder_id.to_le_bytes()),
+        base64::encode(&signature)
+    )
+}
+
+fn validate_signature(payload: String, member_id: u64) -> bool {
+    let (a, _b) = payload.split_once('.').expect("Payload format incorrect");
+
+    let reminder_id = u32::from_le_bytes(
+        base64::decode(a)
+            .expect("Payload format incorrect")
+            .try_into()
+            .expect("Payload format incorrect"),
+    );
+
+    payload == generate_signed_payload(reminder_id, member_id)
+}
+
 async fn create_webhook(
     ctx: impl CacheHttp,
     channel: GuildChannel,

src/main.rs

@@ -268,8 +268,6 @@ DELETE FROM guilds WHERE guild = ?
                 if let (Some(InteractionData::MessageComponent(data)), Some(member)) =
                     (interaction.clone().data, interaction.clone().member)
                 {
-                    println!("{}", data.custom_id);
-
                     if data.custom_id.starts_with("timezone:") {
                         let mut user_data = UserData::from_user(&member.user, &ctx, &pool)
                             .await